828 G.SHDSL Router Business-Class Features for Small ... shdsl_router_ds.p… · In addition to terminating site-to-site VPNs, a Cisco 800 running Cisco Easy VPN Server can terminate
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Cisco 828 G.SHDSL RouterBusiness-Class Features for Small Offices and Teleworkers
through the Power of Cisco IOS® TechnologyThe Cisco 828 G.SHDSL Router provides business-class functionality forsmall offices and teleworkers through the power of Cisco IOS® technology.It enables service providers and resellers to increase service revenue bysupporting features for business-class security, differentiated classes ofservice, and managed network services with Cisco IOS Software. Thesevalue-added features, along with the manageability and proven reliability ofCisco IOS technology, provide the mission-critical networking thatbusinesses require.
The Cisco 828 Business-Class G.SHDSL Router is ideal for a small office or as a telecommuting solution to provide secure and reliable access tothe Internet or corporate offices.
Business-Class Security
To take advantage of the unprecedented opportunities offered by communications and commerce over the Internet,
private information must remain secure. With Cisco IOS Software, the Cisco 828 Router provides basic network
security features such as standard and extended access control lists (ACLs), generic routing encapsulation (GRE)
tunneling, and Network Address Translation (NAT), which hides private IP addresses behind a single public IP address.
With the always-on connection that DSL provides, it is essential to provide perimeter security with a firewall. Beyond
simple packet filtering, the Cisco 828 Router provides a stateful inspection firewall with the Cisco IOS Firewall
Feature Set. A stateful inspection or dynamic firewall provides a greater level of security intelligence by allowing or
preventing network access based on a session’s state. The firewall will allow traffic to pass when requested by a user
behind the firewall but will prevent unauthorized network access.
Additionally, when using a public network such as the Internet to connect remote offices and teleworkers, additional
security measures must be taken to make those connections secure for business communications. Virtual private
networks (VPNs) use security encryption and tunneling technology to make connections over a public network
secure. The Cisco 828 Router supports VPNs with the strongest form of encryption, 3DES IPSec, to allow businesses
to save money by using low-cost connections to the Internet without sacrificing the security that private leased lines
provide. Furthermore, firewall and VPN features enable service providers and resellers to offer revenue-generating
value-added services beyond simple Internet access.
The Cisco 828 Router supports the Cisco Easy VPN Remote feature which allows Cisco 800 Series routers to act as
remote VPN clients. As such, these devices can receive predefined security policies from the headquarters’ head-end,
thus minimizing the VPN configuration required at the remote location. This cost effective solution is ideal for remote
offices with little IT support, or large CPE deployments where it is impractical to individually configure multiple
ACLs (Basic and Extended) • Protects network from unauthorized access through liststhat control access to and from the router
PAP, CHAP • Identifies remote users to determine whether users areallowed network access
Route and Router Authentication • Accepts routing table updates only from known routers,ensuring that no corrupt information from unknownsources is received
NAT/PAT • Hides internal IP addresses from external networks
• Prevents certain denial-of-service attacks from outsidenetworks on internal hosts
Secure Shell (SSH1) • Provides strong encryption for Telnet sessions
• Protects against unidentified, malicious Java applets
• Details transactions for reporting on a per-application,per-feature basis
VPNs with 3DES Encryption • Ensure data integrity, confidentiality, and authenticity oforigin by using standards-based encryption
• Provide encryption for all users on the LAN withoutconfiguring individual PCs
Easy VPN Remote • Allows the router to be connected to a VPN head enddevice as a VPN client and have VPN policies pushed to it
Differentiated Classes of Service
IP QoS Low Latency Queuing, Weighted RandomEarly Detect
• Ensures consistent response times for multipleapplications by intelligently allocating bandwidth
• Allows for classification of applications and gives the mostimportant applications priority use of the WAN line
• Averts congestion by telling certain TCP sessions,depending on priority, to throttle down
• Avoids congestion by managing TCP sessions based onassigned priorities
ATM Traffic UBR, VBRnrt, VBRrt, and CBR withper-VC Queuing and Traffic Shaping
• Ensure QoS guarantees for real-time traffic, with ability tosend traffic over the appropriate virtual circuit to provideATM level shaping and ensure that no head-of-line blockingcan happen between circuits of different or equal trafficclasses
Choice of Encapsulation: PPP over ATM (PPPoATM),PPP over Ethernet (PPPoE), and RFC 1483 Routed orBridged (RFC 2684)
• Ensures compatibility with existing network
SLA Support
Cisco IOS SA Agent • Provides a way to measure statistics used in analyzingservice Level agreements (SLAs)
Lower Cost of Operations
Cisco IOS Interactive Debug Features • Allow service providers to remotely or locally diagnosenetwork problems in detail (for example, via Telnet orterminal connection into the router)
Cisco Configuration Express • Helps reduce costs for deployment and warehousing ofproduct and results in greater profitability for SP Partners
Cisco IOS CLI • Allows customers to use existing knowledge of Cisco IOSCLI for easier installation and manageability withoutadditional training
iQ Breakthrough, iQ Expertise, iQ FastTrack, the iQ logo, iQ Net Readiness Scorecard, Networking Academy, ScriptShare, SMARTnet, TransPath, and Voice LAN are trademarks of Cisco Systems, Inc.; Changing the
Way We Work, Live, Play, and Learn, Discover All That’s Possible, The Fastest Way to Increase Your Internet Quotient, and iQuick Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst,
CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the
Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast Step, GigaStack, IOS, IP/TV, LightStream, MGX, MICA, the Networkers logo, Network Registrar, Packet, PIX, Post-Routing, Pre-Routing,
RateMUX, Registrar, SlideCast, StrataView Plus, Stratm, SwitchProbe, TeleRouter, and VCO are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
All other trademarks mentioned in this document or Web site are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.